Re: NAT isn't a firewall Re: harbinger, Re: [midcom] WG scope/deliverables
In message [EMAIL PROTECTED], Scott Brim type d: Although address obfuscation through combining NAT with your firewall can provide a small amount of additional security. against which attacks ? it doesnt provide better privacy, or non repudation, or access control, or any normal service that one would regard as an enhancement of security - in fact, having one address shared by multiple host s means there are less things an attacker needs to remember :-) cheers jon
Re: NAT isn't a firewall Re: harbinger, Re: [midcom] WG scope/deliverables
Jon, this is a nit, two digressions off the main thread, so I'll take it off-list. More mail soon. ...Scott On 4 Feb 2001 at 17:29 +, Jon Crowcroft apparently wrote: In message [EMAIL PROTECTED], Scott Brim type d: Although address obfuscation through combining NAT with your firewall can provide a small amount of additional security. against which attacks ? it doesnt provide better privacy, or non repudation, or access control, or any normal service that one would regard as an enhancement of security - in fact, having one address shared by multiple host s means there are less things an attacker needs to remember :-) cheers jon
Re: NAT isn't a firewall Re: harbinger, Re: [midcom] WG scope/deliverables
On Sat, Feb 03, 2001 at 10:50:08AM -0800, Grenville Armitage wrote: Einar Stefferud wrote: [..] had my own home system and discovered that I had no interest in being totally visible and accessible at all times, especially when I was not always around to monitor things. So, now I am very happy behind my little XRouter NAT box, with an ISP service out there where I can have a login shell if I wish. NAT doesn't primarily provide security, a firewall does. A firewall doesn't have to do NAT. If you dont mind the number of IP addresses you get from your ISP, install a smart firewall and ditch the NAT box (or twiddle some config options in your Xrouter... whatever) Although address obfuscation through combining NAT with your firewall can provide a small amount of additional security. ...Scott
